package xmlsecurity
import (
"encoding/xml"
"github.com/jason-jackson/xmlsecurity/c14n"
)
// XML Digital Signature (xmldsig) element types. Every struct carries an
// XMLName bound to the http://www.w3.org/2000/09/xmldsig# namespace so that
// encoding/xml marshals and unmarshals it under that element name. Fields
// tagged `xml:",any,omitempty"` collect child elements that have no dedicated
// field. Node, DigestAlgorithm, DEREncodedKeyValue, KeyInfoReference,
// EncryptedKey, DerivedKey and ECKeyValue are declared elsewhere in this
// package (the import block has no dot imports).
type (
	// Transform is one ds:Transform step applied to referenced content
	// before it is digested. Algorithm selects the transform;
	// InclusiveNamespaces and XPath carry the parameters of the
	// exclusive-c14n and XPath transforms respectively.
	//
	// NOTE(review): transforms are part of the document being verified and
	// so are chosen by whoever produced it. A verifier should only honour an
	// allowlist of transform algorithms it understands; XPath in particular
	// lets the document decide which nodes end up in the digest.
	Transform struct {
		XMLName             xml.Name             `xml:"http://www.w3.org/2000/09/xmldsig# Transform"`
		Algorithm           string               `xml:",attr"`
		InclusiveNamespaces *InclusiveNamespaces `xml:",omitempty"`
		XPath               string               `xml:",omitempty"`
		Children            []Node               `xml:",any,omitempty"`
	}
	// Transforms is the ordered ds:Transforms list of a Reference or
	// RetrievalMethod.
	Transforms struct {
		XMLName    xml.Name    `xml:"http://www.w3.org/2000/09/xmldsig# Transforms"`
		Transforms []Transform `xml:"Transform"`
	}
	// DigestMethod names the digest algorithm used for a Reference.
	DigestMethod struct {
		XMLName   xml.Name        `xml:"http://www.w3.org/2000/09/xmldsig# DigestMethod"`
		Algorithm DigestAlgorithm `xml:",attr"`
		Children  []Node          `xml:",any,omitempty"`
	}
	// Reference binds a digest to some content located by URI and optionally
	// pre-processed by Transforms before DigestMethod is applied. DigestValue
	// is the digest text exactly as it appears in the document (not decoded).
	//
	// NOTE(review): the schema orders DigestMethod before DigestValue, but
	// encoding/xml marshals in field order, so documents produced from this
	// struct put DigestValue first — confirm consumers accept that. URI is
	// document-controlled; verifiers commonly restrict it to same-document
	// references (empty or "#id") rather than dereferencing external URIs.
	Reference struct {
		XMLName      xml.Name    `xml:"http://www.w3.org/2000/09/xmldsig# Reference"`
		Id           string      `xml:",attr,omitempty"`
		URI          string      `xml:",attr,omitempty"`
		Type         string      `xml:",attr,omitempty"`
		Transforms   *Transforms `xml:",omitempty"`
		DigestValue  string
		DigestMethod DigestMethod
	}
	// CanonicalizationMethod names the c14n algorithm applied to SignedInfo
	// before it is signed or verified; the algorithm type comes from the
	// c14n package.
	CanonicalizationMethod struct {
		XMLName   xml.Name                   `xml:"http://www.w3.org/2000/09/xmldsig# CanonicalizationMethod"`
		Algorithm c14n.CanonicalizationAlgorithm `xml:",attr"`
		Children  []Node                     `xml:",any,omitempty"`
	}
	// SignatureMethod names the signature algorithm. HMACOutputLength is the
	// optional truncation length for HMAC methods.
	//
	// NOTE(review): HMACOutputLength has no omitempty tag, so marshalling
	// appears to emit <HMACOutputLength>0</HMACOutputLength> even for
	// non-HMAC methods — confirm against the schema. On the verifying side a
	// zero or very short output length must be rejected, never honoured.
	SignatureMethod struct {
		XMLName          xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# SignatureMethod"`
		Algorithm        string   `xml:",attr"`
		HMACOutputLength int
		Children         []Node   `xml:",any,omitempty"`
	}
	// SignedInfo is the portion of a Signature that is actually signed: the
	// canonicalization and signature methods plus one Reference per covered
	// item. Id is emitted even when empty (no omitempty on the attr tag).
	SignedInfo struct {
		XMLName                xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# SignedInfo"`
		Id                     string   `xml:",attr"`
		CanonicalizationMethod CanonicalizationMethod
		SignatureMethod        SignatureMethod
		References             []Reference `xml:"Reference"`
	}
	// SignatureValue holds the signature text (Data is the element's
	// character data, undecoded).
	SignatureValue struct {
		XMLName xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# SignatureValue"`
		Id      string   `xml:",attr"`
		Data    string   `xml:",chardata"`
	}
	// KeyInfo carries whatever the signer chose to say about the verification
	// key. It is advisory: a verifier must still decide independently whether
	// the key it names is trusted.
	//
	// NOTE(review): KeyValue and RetrievalMethod are plain struct fields with
	// no omitempty, so they look like they are always emitted on marshal, even
	// when unused — confirm. The PGPData/SPKIData/MgmtData tag paths still
	// name an X509Certificate child (the TODOs below); they appear to be
	// copied from X509Data and are not the dsig element layout.
	KeyInfo struct {
		XMLName            xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# KeyInfo"`
		Id                 string   `xml:",attr"`
		KeyName            string
		KeyValue           KeyValue
		RetrievalMethod    RetrievalMethod
		X509Data           *X509Data           `xml:",omitempty"`
		PGPData            [][]byte            `xml:"PGPData>X509Certificate,omitempty"`  // TODO
		SPKIData           [][]byte            `xml:"SPKIData>X509Certificate,omitempty"` // TODO
		MgmtData           [][]byte            `xml:"MgmtData>X509Certificate,omitempty"` // TODO
		DEREncodedKeyValue *DEREncodedKeyValue `xml:",omitempty"`
		KeyInfoReference   *KeyInfoReference   `xml:",omitempty"`
		EncryptedKey       *EncryptedKey       `xml:",omitempty"`
		DerivedKey         *DerivedKey         `xml:",omitempty"` // Erroneously referred to as "Agreement" in dsig spec
		Children           []Node              `xml:",any,omitempty"`
	}
	// KeyValue is a raw public key embedded in the document, one of the
	// DSA/RSA/EC forms. Like the rest of KeyInfo it is signer-supplied and
	// carries no trust by itself.
	KeyValue struct {
		XMLName     xml.Name     `xml:"http://www.w3.org/2000/09/xmldsig# KeyValue"`
		DSAKeyValue *DSAKeyValue `xml:",omitempty"`
		RSAKeyValue *RSAKeyValue `xml:",omitempty"`
		ECKeyValue  *ECKeyValue  `xml:",omitempty"`
		Children    []Node       `xml:",any,omitempty"`
	}
	// DSAKeyValue holds the DSA parameters and public value as document text.
	// Only Y is mandatory (no omitempty).
	DSAKeyValue struct {
		XMLName     xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# DSAKeyValue"`
		P           string   `xml:",omitempty"`
		Q           string   `xml:",omitempty"`
		G           string   `xml:",omitempty"`
		Y           string
		J           string   `xml:",omitempty"`
		Seed        string   `xml:",omitempty"`
		PgenCounter string   `xml:",omitempty"`
	}
	// RSAKeyValue holds an RSA public key (modulus and exponent) as document
	// text.
	RSAKeyValue struct {
		XMLName  xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# RSAKeyValue"`
		Modulus  string   `xml:",omitempty"`
		Exponent string   `xml:",omitempty"`
	}
	// X509Data carries certificate material or certificate identifiers. Each
	// X509Certificates entry is the element's text as raw bytes; nothing here
	// decodes or validates it.
	X509Data struct {
		XMLName          xml.Name          `xml:"http://www.w3.org/2000/09/xmldsig# X509Data"`
		X509Certificates [][]byte          `xml:"http://www.w3.org/2000/09/xmldsig# X509Certificate"`
		X509IssuerSerial *X509IssuerSerial `xml:",omitempty"` // Deprecated
		X509SubjectName  string            `xml:",omitempty"`
		X509SKI          string            `xml:",omitempty"`
		X509Digest       string            `xml:",omitempty"` // TODO dsig11
	}
	// X509IssuerSerial identifies a certificate by issuer name and serial
	// number.
	//
	// Deprecated: marked deprecated in the original declaration.
	X509IssuerSerial struct {
		XMLName          xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# X509IssuerSerial"`
		X509IssuerName   string
		X509SerialNumber string
	}
	// Object is an arbitrary ds:Object payload carried inside a Signature;
	// its content is kept as untyped child nodes.
	Object struct {
		XMLName  xml.Name `xml:"http://www.w3.org/2000/09/xmldsig# Object"`
		Id       string   `xml:",attr"`
		MimeType string   `xml:",attr"`
		Encoding string   `xml:",attr"`
		Children []Node   `xml:",any,omitempty"`
	}
	// Signature is the top-level ds:Signature element. Attributes collects
	// any attribute other than Id.
	Signature struct {
		XMLName        xml.Name   `xml:"http://www.w3.org/2000/09/xmldsig# Signature"`
		Id             string     `xml:",attr"`
		Attributes     []xml.Attr `xml:",any,attr,omitempty"`
		SignedInfo     SignedInfo
		SignatureValue SignatureValue
		KeyInfo        *KeyInfo   `xml:",omitempty"`
		Objects        []Object   `xml:"Object,omitempty"`
	}
	// RetrievalMethod points at key material stored elsewhere (URI) and
	// optionally transformed before use.
	//
	// The KeyInfoReference element is preferred over use of
	// RetrievalMethod as it avoids use of Transform child elements
	// that introduce security risk and implementation challenges.
	RetrievalMethod struct {
		XMLName    xml.Name    `xml:"http://www.w3.org/2000/09/xmldsig# RetrievalMethod"`
		URI        string      `xml:",attr"`
		Type       string      `xml:",attr,omitempty"`
		Transforms *Transforms `xml:",omitempty"`
	}
	// signatureParent is an unexported view of whatever element encloses a
	// Signature: its attributes, the Signature child, and IdAttr, which is
	// never serialized (`xml:"-"`) and only tells GetId which attribute local
	// name to treat as the identifier.
	//
	// NOTE(review): encoding/xml has no wildcard element-name matching that I
	// am aware of, so an XMLName tag of "*" would literally require an element
	// named "*" on unmarshal — confirm how instances of this type are decoded.
	signatureParent struct {
		XMLName    xml.Name   `xml:"*"`
		Attributes []xml.Attr `xml:",any,attr,omitempty"`
		Signature  *Signature `xml:"Signature"`
		IdAttr     string     `xml:"-"`
	}
	// InclusiveNamespaces is the exclusive-c14n parameter element listing
	// the namespace prefixes to treat as visibly utilised (PrefixList).
	InclusiveNamespaces struct {
		XMLName    xml.Name `xml:"http://www.w3.org/2001/10/xml-exc-c14n# InclusiveNamespaces"`
		PrefixList string   `xml:",attr"`
	}
)
// RemoveSignature detaches the Signature child from the parent element so a
// later marshal writes nothing for it (encoding/xml skips nil pointers). The
// error result is always nil; presumably it exists to satisfy a shared
// interface — confirm against callers.
func (p *signatureParent) RemoveSignature() error {
	// Dropping the pointer is the whole operation; no other state is touched.
	var detached *Signature
	p.Signature = detached
	return nil
}
// GetId returns the value of the parent element's identifier attribute.
// The attribute is selected by local name only: IdAttr when it is non-empty,
// otherwise "Id". Namespaces are not compared, so a same-named attribute in
// any namespace matches, and the first match in attribute order wins. It
// returns "" when no such attribute is present.
func (p *signatureParent) GetId() string {
	wanted := p.IdAttr
	if wanted == "" {
		wanted = "Id"
	}
	// Only Name.Local is compared; callers that distinguish e.g. a
	// namespace-qualified Id from a plain one must filter Attributes
	// themselves.
	for i := range p.Attributes {
		if a := &p.Attributes[i]; a.Name.Local == wanted {
			return a.Value
		}
	}
	return ""
}